20.07.2023 03:45 This kernel update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the
20.07.2023 03:45 Mishandles access control for an uninstaller directory. References: - https://bugs.mageia.org/show_bug.cgi?id=32091 - https://www.debian.org/lts/security/2023/dla-3483
19.07.2023 17:30 It was discovered that there was a potential denial of service in bind9, the popular Domain Name Server server. Shoham Danino, Anat Bremler-Barr, Yehuda Afek and Yuval Shavitt
19.07.2023 17:30 Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11.
19.07.2023 17:30 VolSync v0.7.3 enhancements and security fixes Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability
19.07.2023 17:30 ## 2023-06-20, Version 18.16.1 'Hydrogen' , @RafaelGSS This is a security release. ### Notable Changes The following CVEs are fixed in this release: * : `mainModule.__proto__` Bypass Experimental Policy Mechanism * :
19.07.2023 17:30 **Redis 7.0.12** - Released Mon July 10 12:00:00 IDT 2023 Upgrade urgency SECURITY: See security fixes below. Security Fixes: * A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. The problem exists in all versions of
19.07.2023 17:30 **Redis 7.0.12** - Released Mon July 10 12:00:00 IDT 2023 Upgrade urgency SECURITY: See security fixes below. Security Fixes: * A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson and cmsgpack libraries, and result in heap corruption and potentially remote code execution. The problem exists in all versions of
18.07.2023 22:15 kernel: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c For more details about the security issue , including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix : * perf record -ag does not capture user space stack frames on s390x * SL7.9 - kernel: handle new reply code FILTERED_BY_HYPERVISOR
18.07.2023 22:15 bind: named's configured cache size limit can be significantly exceeded For more details about the security issue , including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 bind-debuginfo-9.11.4-26.P2.el7_9.14.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.14.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.14.i
18.07.2023 22:15 Several security issues were fixed in YAJL.
18.07.2023 22:15 Bind could be made to crash if it received specially crafted network traffic.
18.07.2023 22:15 libwebp could be made to crash or run programs as your login if it opened a specially crafted file.
18.07.2023 22:15 Several security issues were fixed in the Linux kernel.
18.07.2023 12:15 The components for Red Hat OpenShift support for Windows Containers 7.1.0 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle.
